When Cyber Threats Become Cyber Attacks

Two news items about US-China relations caught my eye this week. The first was a New York Times article about a Brookings Institution report that revealed the distrust between the two countries has "grown to a dangerous degree."

The second was a Wall Street Journal article that quoted the FBI's top cyber official saying US companies were failing to protect corporate networks from exploitation, including from hackers in China. The two are connected.

China believes that its time has arrived -- that it will displace the US as the world's largest economy in a matter of years, not decades, said Wang Jisi, an advisor to the Chinese Communist Party. The national policy of "keeping a low profile" will end with the departure of China's President Hu Jintao at the end of this year, Wang was quoted as saying in The New York Times.

As China flexes its muscles and the US responds, relations could devolve to "open antagonism," according to the Brookings Institution.

Increasingly US OEMs will be caught in the crossfire. Competition from Chinese companies has been intensifying in recent years in virtually all markets from automotive to communications to medical -- even military and aerospace hardware. A deterioration of relations will impair manufacturing operations and disrupt global supply chains. It will be important for companies that have international operations to develop contingency plans.

Case in point is the deployment of 180 US Marines to Darwin, Australia, this week, ahead of 2,500 Marines that will be stationed there as part of a US-Australian agreement. China is not happy with the show of force in its regional backyard. It's worth keeping an eye on China's reaction in the coming months.

As for countering cyber-threats, Shawn Henry, the outgoing executive assistant director of the FBI's Criminal, Cyber, Response, and Services Branch, said in an interview earlier this week that the US was "not winning" the war on cyber-crime and that companies need to change the ways they protect, police, and use computer networks, The Wall Street Journal reported.

In one corporate case, hackers stole 10 years' worth of intellectual property valued at over $1 billion, the FBI's Henry said.

Many of these threats are alleged to be coming from China, and US companies remain clueless. According to one source that tracked intrusions back to Chinese hackers, 94 percent of the targeted companies didn't realize they had been breached. The median number of days between the start of an intrusion and detection was 416.

Henry believes the way companies are fighting cyber-attacks is unsustainable: "Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security."

Needless to say, CEOs and CFOs need to lead the charge to change their strategies and tactics to protect networks and company IP. Given the stakes, they need to arm CIOs to the teeth with tools to protect their corporate assets.

Rising tensions between the US and China are potentially going to lead to more cyber-espionage -- in both directions -- and will require new strategies and more resources by companies to protect their assets.

But there's a more sinister prospect lurking in the shadows, one that companies should not ignore.

Consider a cyber-attack, traced to China, on a US government agency, defense contractor, national lab, nuclear power plant, or other facility that has "national security" implications.

Up till now, according to one IT security expert, the US government has been very specific about classifying such breaches as "exploitation." It has never classified one as an "attack." But if it were to do so, it would raise questions about the prospect of military retaliation -- either physical or cyber, or both.

This is a very gray area. And no one knows what exactly a cyberwar would look like. But given the news of the week, it's worth thinking about the impact it would have on your business.

No matter how strongly a network may be protected against such cyber-attacks, an intruder will always find a back door because, let's be real, people - he who is trying to hack into such highly protected sites knows what he's doing. Call it optimism, but whatever it is, it's working for these hackers. Studying IT has made one thing very clear to me - in the IP world, anything is possible.

I agree with you, Henrisha. Companies with their professional IT resources need to be more efficient in monitoring their networks. 94% raises a lot of questions about data security and the efficiency of the IT departments.

The war against cyber attacks from hackers will always be easier from an attacker's perspective. The ongoing cyber-war is not limited to cyber attacks between governments and countries like the US and China but extends to our own backyards. The last security scare, when hackers managed to compromise RSA, led to other companies, from banking to military industries, that relied on RSA tech to secure their data also being affected and possibly compromised. A company or a government can plug 99 holes but a hacker only needs 1 hole to compromise the entire system. The only thing that can mitigate these risks is to make sure your company's (or government's) weakest link in security is paid the most attention. I'd say educating everyone who uses computers or the internet on the dangers of phishing, opening attachments that could possibly contain viruses or trojans, and safely browsing the web is a good start to securing the weakest link: the users.

The fact that 94% of companies didn't even know they were breached is troubling. I remember training specifically to help you realize when people were trying to get information out of you through various ways including email phishing and phone phishing, but what can we do to make sure companies are aware when the attacks are cyber-related?

@SaneIT - good point. Cyber war is the 21st century's version of the Cold War. The only difference is that collateral damage in the civilian/corporate world from cyber war is taking place on a daily basis.

AGigi - Attacks versus innovation: the former delivers innovation quickly, the latter takes years or decades. Of course, you need both, but attacks dramatically accelerate the time to market, especially if the penalties are non-existent.

We hear stories nearly every day about the great firewall of China. We know that part of its purpose is to keep citizens from sites that the government wants to censor, but I've never seen any mention of inbound traffic being filtered, which I imagine happens quite often. We know that our government monitors as much traffic as they can, but they can't protect all of us all the time. If cyber warfare ever breaks out in full force, the fallout might be much worse than we can imagine. The damage done every year by identity thieves could be a nightmare if it happened on a large scale with the intention to crash an economy. That is where I see cyber warfare going, more toward crashing economies or causing dissent among citizens, not so much defacing websites or crashing servers.

Sohaibmasood, there are two ways to have an upper hand. The first one is coming up with superior-quality and innovative products, which is cumbersome. The second one is the attacking method, which most of the countries are following. If you are not able to compete with innovation, the best and easiest method is attacking it and opening up the drawbacks/loopholes to the public.
